Data Protection Notice (GDPR)
Data Protection Notice for EU GDPR
This Data Protection Notice applies if you are in the European Economic Area (“EEA”) or the UK and you use our websites (for example, to make an online reservation). It also applies if you are a customer to our Pan Pacific London hotel.
We are Pan Pacific Hotels and Resorts Pte. Limited (“PPHR”, “us”, “we”) and we are part of a corporate group of companies with Pan Pacific Hotels Group as our parent company (collectively referred to as “Group”). The purpose of this Data Protection Notice is to inform you of how we make use of your Personal Data and how we share Personal Data with other members of our Group. It also describes your data protection rights, including the right to object to some of the processing which we carry out. More information about your rights, and how to exercise them, is set out in the “Your Rights" section. Please take a moment to read this Data Protection Notice so that you know and understand the purposes for which we collect, use and disclose your Personal Data.
We may from time to time update this Data Protection Notice to ensure that this Data Protection Notice is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. Please check back regularly for updated information on the handling of your Personal Data.
1. Collection of Personal Data – What Personal Data do We Collect?
When we refer to Personal Data in this Data Protection Notice, we mean information that relates to you. We collect and process Personal Data about you when you interact with us and our websites, and when you purchase goods and services from us. This includes:
- your contact information (e.g. name, telephone number, email address, postal address);
- your financial information (e.g. credit card number, security code, expiration date);
- information related to your guest profile (e.g. accommodation preferences, booking history, special health accommodations);
- information related to your customer profile (billing address, country of residence, preferred currency, marketing preferences);
- if you contact us or our agents, we will keep a record of that communication and any communications and correspondence with you; and
- information about your computer, including where available, your IP address, operating system and browser type, for system administration and security reasons and to collect aggregate information. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
Sometimes, we receive information about you from third parties. In particular, where a booking is made on your behalf by a spouse, family member or employer, we will obtain Personal Data about you from them. We may also receive information about you from travel agents and tour operators with whom you have direct contact and from other entities within our Group.
When you make a reservation about another individual or communicate another individual’s Personal Data to us, you are required to share this Data Protection Notice with that individual.
2. Collection of Personal Data – How do We Collect Personal Data
Generally, we collect Personal Data in the following ways:
(a) when you make a reservation or submit an enquiry form or other forms relating to any of our products and services;
(b) when you interact with our customer service agents, for example, via telephone calls, letters, face-to-face meetings, social media platforms and emails;
(c) when you use some of our services, for example, websites and apps including establishing any online accounts with us;
(d) when you request that we contact you, be included in an email or other mailing list;
(e) when you respond to our promotions, initiatives or to any request for additional Personal Data;
(f) when you are contacted by, and respond to, our marketing representatives and customer service agents;
(g) when we seek information from third parties about you in connection with the products and services you have applied for; and
(i) when you submit your Personal Data to us for any other reasons.
3. Purposes for the Collection, Use and Disclosure of Your Personal Data
Generally, we collect, use and disclose your Personal Data for the following purposes:
3.1. To fulfil a contract, or take steps linked to a contract: this is relevant where we are:
- responding to your queries and requests;
- establishing or providing you with the products and services you request for (including but not limited to service activation, service operations, service delivery and order processing – for example, creating customer accounts and processing online reservations, processing any changes or requests relating to your reservations, providing our services such as room reservations in our hotels and resorts, or usage of other facilities, such as restaurants, spas, meeting and event organisation services);
- administering your membership to our loyalty programs and providing services as part of our loyalty programs;
- facilitating the daily operation of the products and services (including but not limited to billing, customer service, customer verification, and technical support);
- processing of payment instructions, direct debit facilities and/or credit facilities requested by you.
3.2. As required by us to conduct our business and pursue our legitimate interests, in particular:
- managing our administrative and business operations and complying with our internal policies and procedures;
- facilitating business asset transactions (which may extend to any mergers, acquisitions or asset sales) involving any of the companies within our Group;
- resolving complaints and handling requests and enquiries;
- monitoring or recording phone calls and customer-facing interactions for quality assurance, employee training and performance evaluation and identity verification purposes;
- enforcement of repayment obligations (including but not limited to debt collection, filing of claims and retrieval of payments from losses made by service partners);
- credit and internal risk management (including but not limited to performing credit checks and disclosures to law enforcement agencies) and managing commercial risks;
- generating internal reports (including but not limited to annual, operational and management reports);
- administering fee adjustments, refunds and waivers;
- leads generation and management for marketing our and our Group companies’ products and services;
- sharing information with other entities within our Group of companies;
- analysing your use of our products and services so as to help us improve, review, develop and efficiently manage the products and services offered to you.
- organising promotional events;
- conducting market research and surveys to enable us to understand the geographic provenance, preferences and demographics of customers to develop special offers and marketing programmes in relation to our and our Group companies’ products and services;
- legal purposes (including but not limited to obtaining legal advice and dispute resolution);
- fraud and crime detection and prevention;
- audit, insurance, tax, accounting and billing purposes;
- IT security and maintenance of our systems;
- safety and security of our employees, guests and premises (for example, by using CCTV in our premises).
3.3. Where you give us consent:
- (if consent is required by law), communicating to you advertisements involving details of our and our Group companies’ products and services, special offers and rewards, either to our customers generally, or which we have identified may be of interest to you (including but not limited to upselling, cross selling and telemarketing). You may receive these communications from us directly or from other companies within our Group, such as Pan Pacific Marketing Services Pte Ltd., the company that manages our marketing activities at Group level;
- When you share with us your dietary requirements or special requests that may reveal information about your health;
- on other occasions where we ask you for consent, we will use the data for the purpose which we explain at that time.
3.4. For purposes which are required by law:
- legal and tax related purposes (including but not limited to dispute resolution and compliance with requests from authorities and law enforcement bodies);
- preventing, detecting and investigating crime;
- conducting investigations relating to disputes, billing or fraud;
- complying with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory bodies which are binding on us (including but not limited to responding to regulatory complaints, disclosing information to regulatory bodies and conducting audit checks, due diligence and investigations).
4. Withdrawing Consent or Otherwise Objecting to Direct Marketing
You have a choice to withdraw your consent for receiving marketing or promotional materials/communications. You may contact us using the contact details found below.
Please be aware that once we receive confirmation that you wish to withdraw your consent for marketing or promotional materials/communication, it may take up to a month for your withdrawal to be reflected in our systems. Therefore, you may still receive marketing or promotional materials/communication during this period of time. Please note that even if you withdraw your consent for the receipt of marketing or promotional materials, we may still contact you for other purposes in relation to the products and services that you have requested from us (for example, to confirm your reservation or to share important information about your reservation).
5. Disclosure of Personal Data
Your Personal Data may be disclosed, for the purposes listed above (where applicable), to the following:
(a) Our related corporations and employees to provide products and services to you, address your questions and requests in relation to your billing arrangements with us as well as our products and services, to maintain and operate our systems and/or services;
(b) Our partners that offer services you have requested as part of our loyalty programs;
(c) companies providing services relating to insurance and consultancy to us;
(d) agents, contractors or third party service providers who provide operational services to us, such as courier services, telecommunications, information technology, payment, printing, billing, payroll, processing, technical services, training, market research, call centre, security or other services to us;
(e) vendors or third party service providers in connection with marketing promotions and services offered by us;
(f) any business partner, investor, assignee or transferee (actual or prospective) to facilitate business asset transactions (which may extend to any merger, acquisition or asset sale) involving any of the Companies;
(g) collection and repossession agencies in relation to the enforcement of repayment obligations for debts;
(h) external banks, credit card companies and their respective service providers;
(i) our professional advisers such as auditors and lawyers;
(j) relevant government regulators, statutory boards or authorities or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority;
(k) travel agents and other third parties who make reservations on your behalf and with whom you have direct contact; and
(l) any other party to whom you authorise us to disclose your Personal Data to.
Information is also shared with the Pan Pacific Hotels Group and other entities within our Group of companies, such as Pan Pacific Marketing Services Pte Ltd. in Singapore.
Where information is transferred outside the European Economic Area, and where this is to a stakeholder or vendor in a country that is not subject to an adequacy decision by the EU Commission, data is adequately protected by EU Commission approved standard contractual clauses, an appropriate Privacy Shield certification or a vendor's Processor Binding Corporate Rules. A copy of the relevant mechanism can be provided for your review on request to the contact details set out below.
6. Retention of your Personal Data
We will store your Personal Data securely for as long as it is required in order for us to provide you with our products and services and fulfil the purposes set out in this Data Protection Notice, and for such further period that is necessary to comply with our legal and regulatory obligations (for example, our accounting and tax obligations), to exercise our legal rights and to protect our company from legal claims.
When you interact with us on our websites, we automatically receive and record information on our server logs from your browser. We may employ cookies in order for our server to recognise a return visitor as a unique user including, without limitation, monitoring information relating to how a visitor arrives at the website, what kind of browser a visitor is on, what operating system a visitor is using, a visitor's IP address, and a visitor's click stream information and time stamp (for example, which pages they have viewed, the time the pages were accessed and the time spent per web page).
Cookies are small text files stored in your computer or other electronic devices which allow us to remember you. The cookies placed by our server are readable only by us. Cookies are not programs and therefore cannot access, read or modify any other data on an electronic device. All web-browsers offer the option to refuse any cookie, and if you refuse our cookie then we do not gather any information on that visitor.
We use the following categories of cookies for the following purposes:
(a) Strictly necessary cookies: To make our websites work correctly. We use these cookies to enable you to move around the website and to use its features – you do not need to consent for the use of strictly necessary cookies. These cookies usually expire when you end your browsing session or shortly afterwards.
(b) Functionality cookies: These cookies allow us to remember choices you make (such as your language or your log in details when you return on restricted areas of our Website) and provide enhanced, more personal features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. The information these cookies collect cannot track your browsing activity on other websites.
(c) Analytics cookies: To analyse and improve your browsing experience. We use these cookies, such as Google Analytics cookies, to analyse usage of the website and interaction with our content and communication, so we can measure and improve performance.
(d) Social media cookies: To enable you to share content. With your consent, we use these cookies to allow you to share what you’ve been doing on our website on social media such as Facebook and Twitter. These cookies are not within our control. Please refer to the respective privacy policies for how their cookies work.
You may accept or reject cookies (apart from strictly necessary cookies, which are always required and are not subject to your consent). You can manage your cookie preferences and provide or withdraw your consent at any time through our Cookie Preference Centre, available at our webpage.
Please bear in mind that if you restrict or disable cookies, this can limit functionality and prevent our websites from working properly.
For more information on targeted advertising, please visit http://www.youronlinechoices.eu. Should you wish to disable the cookies associated with these technologies, you may do so by changing the setting on your browser. However, you may not be able to use certain services or enter certain part(s) of our website.
8. Your Rights
You have the right to ask us for a copy of your Personal Data; to correct, delete or restrict (stop any active) processing of your Personal Data; and to obtain the Personal Data you provide to us for a contract or with your consent in a structured, machine readable format, and to ask us to share (port) this data to another controller.
In addition, you can object to the processing of your Personal Data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).
These rights may be limited, for example if fulfilling your request would reveal Personal Data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping.
To exercise any of these rights, you can get in touch with us – or our data protection officer – using the details set out below. If you have unresolved concerns, you have the right to complain to an EU data protection authority where you live, work or where you believe a breach may have occurred.
9. Contacting Us – Withdrawal of Consent, Access and Correction of your Personal Data
(a) have any questions or feedback relating to your Personal Data or our Data Protection Notice;
(b) would like to withdraw your consent to any use of your Personal Data based on consent as set out in this Data Protection Notice; or
(c) would like to exercise your Personal Data rights,
please contact us as follows:
Call: (65) 6808 1180
Write in: Data Protection Officer
7500 A Beach Road
#03-301 The Plaza